The international industry at large can have a bigger say on the big issues, says John Colley, managing director of (ISC)2 EMEA and co-chair of its Advisory Board.
With cyber security an increasing priority in political arenas, more special-interest groups launching projects aimed at tackling the threats, and concerns rising over the paucity of professionals available to protect business and society, it is time to step back and take a look at the bigger picture. Cyber security is a global problem that calls for high levels of co-operation and a common understanding that transcends national borders. This is a concept that has been well understood for more than two decades by the international industry, yet we are rarely first in line to be consulted on our expertise.
Traditionally governments, academia and the like defer to national professional bodies or Big Industry in their consultation efforts. All too often this involves high-ranking executives, technologists and vendors, and very little discussion with information professionals. Recognising this gap, we established the (ISC)2 EMEA Advisory Board. The aim is to support the international professional community's ability to organise and offer its perspective, while supporting the collective desire to give back to society that is so prevalent in our profession. The mandate is to tackle current, pressing issues identified by the information security profession itself.
One issue is the skills crisis. Ours is a maturing profession, with less than ten per cent of professionals under the age of 29, and employers are struggling to fill vacancies. Our community is well placed to be active on this issue. In addition to the depth and breadth of expertise we have to offer, there is a significant desire to work with academia and other organisations to help graduates and other newcomers take a career in an industry that prefers hiring experienced candidates.
The international industry has a role to play in bridging the gap between the professional and formal education systems. Policy-driven consultation on e-skills, regulations, standards, awareness and more will benefit from shared knowledge and the clout of co-ordinated activity.
The Advisory Board will be a conduit for regular communication between the front lines and the centralised effort. This initiative also builds on our Chapter programme; in less than a year, we have received formal petitions from more than 20 groups to establish chapters in their region.
There is clearly a resource to be tapped; it's time to make our presence understood.